Last Updated on
March 20, 2024

Privacy Policy

This privacy policy is an electronic record in the form of an electronic contract formed under the information technology act, 2000 and the rules made thereunder and the amended provisions pertaining to electronic documents/records in various statutes as amended by the information technology act, 2000. This privacy policy does not require any physical, electronic or digital signature. this privacy policy is a legally binding document between you and SmartPaddle Technology Private Limited. The terms of this privacy policy will be effective upon your acceptance of the same (directly or indirectly in electronic form, by clicking on the “i accept” tab or by use of the website or by other means and will govern the relationship between you and SmartPaddle Technology Private Limited for your use of the website (defined below). This document is published and shall be construed in accordance with the provisions of the information technology (reasonable security practices and procedures and sensitive personal data of information) rules, 2011 under information technology act, 2000; that require publishing of the privacy policy for collection, use, storage and transfer of sensitive personal data or information. please read this privacy policy carefully. By using the website, you indicate that you understand, agree and consent to this privacy policy. this policy is global in nature and governs our data protection practices whether we collect your personal information through our websites, application software, or any other means. When we collect information about you other than the aforementioned means, we will first obtain your permission to do so, if and as required by the applicable law. If you do not agree with the terms of this privacy policy, please do not use this website. You hereby provide your unconditional consent or agreement to SmartPaddle Technology Private Limited as provided under section 43a and section 72a of information technology act, 2000.

SmartPaddle Technology Private Limited (“Bizongo”, “we”, “us”, “our”, “Artwork Flow”) is concerned with the privacy of its users (hereinafter referred to as “You”, “Your”, “Yourself”) that frequent its website www.artwork.bizongo.com (“Website”). Bizongo recognizes the importance of privacy as well as the importance of maintaining the confidentiality of your information. This Privacy Policy applies to all products and services provided by us and is drafted to explain to You how Bizongo collects, uses and discloses your information to relevant entities that are vital to the functioning of this Website.

BY USING THIS WEBSITE, YOU AGREE TO THE TERMS AND CONDITIONS OF THIS POLICY. IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, PLEASE DO NOT PROCEED FURTHER TO USE THIS WEBSITE.

Bizongo respects Your privacy and has provided this Privacy Policy to familiarise You with:

  • The type of data or information that You share with or provide to Bizongo and that Bizongo collects from You
  • The purpose for collection of such data or information from You;
  • Bizongo's information security practices and policies;
  • Bizongo's policy on sharing or transferring Your data or information with third parties.

We take measures to protect the security of the information provided by You. You can contact Us about Our privacy practices. Our privacy practices may vary among the countries in which We operate to reflect local practices and legal requirements. This Privacy Policy describes Bizongo’s current data protection policies and practices and may be amended/updated from time to time. Upon amending/updating the Privacy Policy, We will accordingly amend the date above and post the revised version behind the link marked “Privacy Policy” in the footer of each page of Bizongo’s websites. We suggest that You regularly check this Privacy Policy to apprise Yourself of any updates. Your continued use of Website or provision of data or information thereafter will imply Your unconditional acceptance of such updates to this Privacy Policy.

COLLECTION OF INFORMATION

  • Your privacy is important to us and we have taken steps to ensure that we do not collect more information from you than is necessary for us to provide you with our services and to protect your account
  • Information including, but not limited to, user name, address, phone number, fax number and email address (“Registration Information”) may be collected at the time of user registration on the website.
  • In connection with any transaction and payment services or services under our buyer protection schemes we provide on the Website, information, including but not limited to, bank account numbers, billing and delivery information, credit/debit card numbers and expiration dates and tracking information from cheques or money orders (“Account Information”) may be collected to, among other things, facilitate the sale and purchase as well as the settlement of purchase price of the products or services transacted on or procured through the website.
  • We record and retain details of users’ activities on the website. Information relating to such transactions including, but not limited to, the types and specifications of the goods, pricing and delivery information and any trade dispute records (“Activities Information”) may be collected when sale and purchase transactions are conducted on or facilitated through the website.
  • We record and retain records of user's buying and browsing activities on our platform including but not limited to IP addresses, browsing patterns and buyer behavioral patterns. In addition, we gather statistical information about the website and visitors to the website including, but not limited to, IP addresses, browser software, operating system, software and hardware attributes, pages viewed, number of sessions and unique visitors (together “Browsing Information”).
  • Registration Information, Account Information, Activities Information and Browsing Information generally relate to business entities and are together referred to as business (“Business Data”). Insofar and only insofar as they constitute personally identifiable data of living individuals, such information are together referred to as personal data (“Personal Data”).
  • We do not store any messages, photos, videos or documents from your chats/emails through our servers.

REPRESENTATION

  • You hereby represent to Bizongo that the Information You provide to Bizongo from time to time is and shall be authentic, correct, current and updated and You have all the rights, permissions and consents as may be required to provide such Information to Bizongo.
  • Your providing the Information to Bizongo and Bizongo's consequent storage, collection, usage, transfer, access or processing of the same shall not be in violation of any third party agreement, laws, charter documents, judgments, orders and decrees.

USE OF TECHNOLOGY

Bizongo collects, uses, stores and processes Your Information for any purpose as may be permissible under applicable laws (including where the applicable law provides for such collection, usage, storage or processes in accordance with the consent of the user) including the following (“Purposes”):

  • to facilitate Your use of the Website;
  • to respond to Your inquiries or fulfil Your requests for information about the various products and services offered on the Website;
  • to provide You with information about products and services available on the Website and to send You information, materials, and offers from Bizongo;
  • to send You important information regarding the Website, changes in terms and conditions, user agreements, and policies and/or other administrative information;
  • to send You surveys and marketing communications that Bizongo believes may be of interest to You;
  • to personalize Your experience on the Website by presenting advertisements, products and offers tailored to Your preferences;
  • to help You address Your problems incurred on the Website including addressing any technical problems;
  • if You purchase any product or avail of any service from the Website, to complete and fulfil Your purchase, for example, to have Your payments processed, communicate with You regarding Your purchase and provide You with related customer service;
  • for proper administering of the Website;
  • to conduct internal reviews and data analysis for the Website (e.g., to determine the number of visitors to specific pages within the Website);
  • to improve the services, content and advertising on the Website;
  • to facilitate various programs and initiatives launched by Bizongo or third party service providers and business associates;
  • to analyse how our services are used, to measure the effectiveness of advertisements, to facilitating payments;
  • to protect the integrity of the Website;
  • to respond to legal, judicial, quasi-judicial process and provide information to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law;
  • to conduct analytical studies on various aspects including user behaviour, user preferences etc.;
  • to permit third parties who may need to contact users who have bought products from the Website to facilitate service and any other product related support;
  • to implement information security practices;
  • to determine any security breaches, computer contaminant or computer virus;
  • to investigate, prevent, or take action regarding illegal activities and suspected fraud;
  • to undertake forensics of the concerned computer resource as a part of investigation or internal audit;
  • to trace computer resources or any person who may have contravened, or is suspected of having or being likely to contravene, any provision of law including the Information Technology Act, 2000 that is likely to have an adverse impact on the services provided on any Website or by Bizongo.

You hereby agree and acknowledge that the Information so collected is for lawful purpose connected with a function or activity of Bizongo or any person on our behalf, and the collection of Information is necessary for the Purposes.

DISCLOSURE OF PERSONAL DATA

  • You further agree that we may disclose and transfer your Personal Data to service providers engaged by us to assist us with providing you with our services (including but not limited to data entry, database management, promotions, products and services alerts, delivery services, payment extension services, and membership authentication and verification services) (“Service Providers”). These Service Providers are under a duty of confidentiality to us and are only permitted to use your Personal Data in connection with the purposes specified above, and not for their own purposes (including direct marketing).
  • When necessary we may also disclose and transfer your Personal Data to our professional advisers, law enforcement agencies, insurers, government and regulatory and other organizations for the purposes specified at B.9 above.
  • Any Personal Data supplied by you will be retained by us and will be accessible by our employees, any Service Providers engaged by us and third parties referred to above, for or in relation to any of the Purposes.
  • All Voluntary Information may be made publicly available on the website and therefore accessible by any internet user. Any Voluntary Information that you disclose to us becomes public information and you relinquish any proprietary rights (including but not limited to the rights of confidentiality and copyright) in such information. You should exercise caution when deciding to include personal or proprietary information in the Voluntary Information that you submit to us.
  • We may share your Account Information with banks or vendors to enable your transactions on the website to be completed. In addition, we may use your Account Information to determine your creditworthiness and, in the process of such determination, we may need to make such Account Information available to banks or credit agencies. While we have in place up-to-date technology and internal procedures to keep your Account Information and other Personal Data secure from intruders, there is no guarantee that such technology or procedures can eliminate all of the risks of theft, loss or misuse.
  • We may provide statistical information to third parties, but when we do so, we do not provide personally-identifying information without your permission.

GOOGLE DRIVE INTEGRATION

For the purposes of connecting your Google Drive to Artwork Flow, we ask for your permissions and collect some information as listed below:

  • View your email address to verify and allow access to your Google Account
  • See your personal info. This is only the information that you've made available publicly through your account settings on Google
  • View and Manage our configuration data in your Google Drive. This is to maintain our app as an extension within your Google Drive
  • View and manage Google Drive files and folders that you have opened or created with this app. The extension allows you to open a PDF file in Artwork Flow directly from your Google Drive. We only access the file that you have chosen for this task

COOKIES

We use “cookies” to store specific information about you and track your visits to the website. It is not uncommon for websites to use cookies to enhance identification of their users.A “cookies” is a small amount of data that is sent to your browser and stored on your computer's hard drive. A cookie can be sent to your computer's hard drive only if you access the website using a computer. If you do not deactivate or erase the cookie, each time you use the same computer to access the website, our web servers will be notified of your visit to the website and in turn we may have knowledge of your visit and the pattern of your usage. Generally, we use cookies to identify you and enable us to i) access your Registration Information or Account Information so you do not have to re-enter it; ii) gather statistical information about usage by users; iii) research visiting patterns and help target advertisements based on user interests; iv) assist our partners to track user visits to the website and process orders; and v) track progress and participation in promotions. Currently, we use Google Tag Manager, Google Analytics, Hubspot, Microsoft Clarity for analytics, and Intercom, helpscout for support as 3rd party domains. You can determine if and how a cookie will be accepted by configuring the browser which is installed in the computer you are using to access the website. If you choose, you can change those configurations. By setting your preferences in the browser, you can accept all cookies or you can choose to be notified when a cookie is sent or you can choose to reject all cookies. If you reject all cookies by choosing the cookie-disabling function in your browser, you may be required to re-enter information on the website more often and certain features of the website may be unavailable.

MINORS

The website and their contents are not targeted to minors (those under the age of 18) and we do not intend to sell any of our products or services to minors. However, we have no way of distinguishing the age of individuals who access our Site. If a minor has provided us with personal information without parental or guardian consent, the parent or guardian should contact our Legal Department at the address set out in paragraph D above to remove the information.

PASSWORD SECURITY

We employ commercially reasonable security methods to prevent un-authorized access to the website, to maintain data accuracy and to ensure the correct use of the information we hold. For registered users of the website, your Registration Information and Account Information (if any) can be viewed and edited through your account, which is protected by a password. We recommend that you do not divulge your password to anyone. Our personnel will never ask you for your password in an unsolicited phone call or in an unsolicited email. If you share a computer with others, you should not choose to save your login information (e.g., user ID and password) on that shared computer. Remember to sign out of your account and close your browser window when you have finished your session. No data transmission over the internet or any wireless network can be guaranteed to be perfectly secure. As a result, while we try to protect the information we hold for you, we cannot guarantee the security of any information you transmit to us and you do so at your own risk.

CHANGES TO THIS PRIVACY POLICY

Any changes to this Privacy Policy will be communicated by us posting an amended and restated Privacy Policy on the website. Once posted on the website the new Privacy Policy will be effective immediately. You agree that any information we hold about you (as described in this Privacy Policy and whether or not collected prior to or after the new Privacy Policy became effective) will be governed by the latest version of the Privacy Policy. Please visit the policy periodically to be updated.

USER DISCRETION AND OPT OUT

You agree and acknowledge that You are providing Your Information out of Your free will. Subject to certain exceptions prescribed by law and provided Bizongo can authenticate Your identity, You can contact Bizongo at support@bizongo.in or send mail to 701, 7th floor, E-Wing, Times Square, Marol Andheri - Kurla Road, Andheri East, Mumbai - 400059, Maharashtra, India to:

  • Access, verify, correct, update, amend, restrict, object to, or later on withdraw Your consent delete any personal information Bizongo has about You.
  • Review the information Bizongo retains, how it has been used, to whom Bizongo has disclosed such information to.
  • Opt to transfer Your personal data.
  • Change preferences regarding how Your personal information is disclosed.
  • Notify Bizongo if You do not want Your data to be processed anymore.
  • Notify Bizongo if You do not wish to receive further communication from Bizongo.

We will respond to such requests in reasonable time within the time limits established by the applicable law. In accordance with the applicable laws, we reserve the right to charge you a reasonable fee for the processing of any data access or correction request.In the event that You opt out, You should neither visit the Website nor use the services provided by Bizongo nor shall You contact Bizongo. Further, Bizongo may not deliver products to You, upon Your order, or Bizongo may deny You access from using certain services offered on the Website.

GRIEVANCE OFFICER

If You find any discrepancies or have any grievances in relation to the collection, storage, use, disclosure and transfer of Your Personal Information under this Privacy Policy or any terms of Bizongo 's Terms of Use and other terms and conditions of Bizongo, please contact the designated grievance officer under Information Technology Act, 2000 using the details below:

Grievance Officer Name: Vijay Chaurasia

E-mail: privacy@bizongo.com

Postal address: Smart Paddle Technology Pvt. Ltd., 701, 7th floor, E-Wing, Times Square, Marol Andheri - Kurla Road, Andheri East, Mumbai - 400059, Maharashtra, India

Telephone number: +91 9324802875

CIN: U72300MH2015PTC263147

The details of the grievance officer may be changed by Us from time to time by updating this Privacy Policy.

© 2014-2020 Smartpaddle Technology Pvt. Ltd. All rights reserved.

Last Updated on
March 20, 2024

Terms of Use

Welcome to Artwork Flow [https://artwork.bizongo.com] (the “Platform”). This Platform is owned and operated by Smartpaddle Technology Private Limited, a company incorporated in India, having its registered office at 701, 7th floor, E-Wing, Times Square, Marol Andheri - Kurla Road, Andheri East, Mumbai - 400059, Maharashtra, India (the “Company” or “us” or “we” or “our”) and is hosted on the Company’s website [https://artwork.bizongo.com] (“Website”). The product is a cloud-based Platform designed to facilitate online artwork management.

Applicability and Amendment of Terms

These terms and conditions of use (“Terms”), the terms of use of the Website and the privacy policy  available at (“Privacy Policy”) apply to all registered users of the Platform (referred to as  “you”, “your” or “user”). We request you to carefully go through these before you decide to access  this Platform or use the Services made available through the Platform. These Terms, the terms of  use of the Website and the Privacy Policy together constitute a legal agreement between you and  the Company in connection with your access of the Platform and your use of the Services  (“Agreement”). For avoidance of doubt, it is hereby clarified that you acknowledge that the  Company shall not be delivering copies of this Agreement to you as a part of performance of these  Services.

  1. Your use of the Platform or the Services will signify your complete and unqualified acceptance of  the Agreement and your agreement to be legally bound by the same. If you do not agree to or wish to  be bound by the Agreement, you may not access or otherwise use the Platform or the Services. We  reserve the right to modify or terminate any portion of the Platform or the Services offered by the  Company or amend the Terms for any reason, without notice and without liability to you or any third  party, at our sole discretion. To make sure you are aware of any changes, please review these Terms  periodically. Your continued use of the Platform or the Services will signify your acceptance of  the amendments.
  2. Nothing in the Terms should be construed to confer any rights to third party beneficiaries.

Registration and Access

  1. If you wish to avail of the Services of the Company, you will have to register on the Platform and become a registered user thereto. By registering on the Platform, you agree that you are appointing the Company to provide a non-exclusive, non-assignable right to you to access and use the Platform and the Services as defined under these Terms and as may be mutually agreed between the parties.
  2. To register onto the Platform, you will have to provide certain information such as [your name, business profile, e-mail address and contact details]. Following this, exclusive login credentials will be created for you
  3. Registration is only a one-time process and if you have previously registered, you will login into your account using the same credentials as provided by you during the registration process. When you use the Platform, you are responsible for maintaining the confidentiality of your account and password and for restricting access to your computer or mobile or other similar device to prevent unauthorized access to your account. We request you to safeguard your password and your account and make sure that only relevant stakeholders have access to it and no other person can access the same. It is your responsibility to keep your account information current and accurate. You are responsible for keeping your user credentials secure and confidential. You are responsible for any actions taken under your account whether these actions were undertaken by you or by others to whom you provide access (your “Users”). You are responsible for the compliance by your Users of your obligations under this Agreement.
  4. We will make reasonable efforts to make the Platform error-free. Your access to the Platform may be occasionally suspended or restricted to allow for repairs, maintenance, or for introduction of new facilities or services. However, we do not take responsibility for internet related issues or internet downtimes at your end.

Platform Content

  1. All information, content and material contained on the Platform are Company’s intellectual property. All trademarks, services marks, trade names and trade secrets are proprietary to the Company. No information, content or material from the Platform may be copied, reproduced, republished, uploaded, posted, transmitted or distributed in any way without our express written permission
  2. You expressly understand and agree that:
  3. The information, content and materials on the Platform and / or Service is provided on an “as is” and “as available” basis.  Company and all its affiliates, officers, employees, agents and partners disclaim all warranties of any kind, either expressed or implied, including but not limited to, implied warranties on merchantability, fitness for a particular purpose and non-infringement;
  4. Company does not warrant that the functions contained in content, information and materials on the Platform and / or Service, including, without limitation any third party sites or services linked to the Platform and / or that the Service will meet your requirement, be uninterrupted, timely or error-free, that the defects will be rectified, or that the Platform or the servers that make such content, information and materials available are free of viruses or other harmful components;
  5. any material downloaded or otherwise obtained through the Platform are accessed at your own risk, and you will be solely responsible for any damage or loss of data that results from such download to your computer system;
  6. Company cannot and will not assure you that other Platform users are or will be complying with the foregoing rules or any other provisions of these Terms, and, as between you and the Company, you hereby assume all risk of harm or injury resulting from any such lack of compliance by you; and
  7. any document or material uploaded by you on the Platform shall be in accordance with the Agreement.

Representations and Warranties by the Users

  1. By using the Platform and / or the Services, you represent and warrant that:
  2. you are 18 (Eighteen) years of age or older and that your use of the Platform and / or the Services will not violate any applicable law;
  3. if you are agreeing to the Agreement on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind such entity to the terms and conditions of the Agreement; and
  4. all information provided on the Platform by you is true, factual, complete and accurate and you agree to maintain the accuracy of such information.

Conditions of Use

  1. You shall use this Platform only for provision / access of the Services in a lawful and reasonable manner.
  2. You covenant that you will not:
  3. use the Platform and / or the Services in any way that is unlawful, or harms the Company or any other person or entity, as determined in Company’s sole discretion;
  4. circumvent or disable any security or other technical / technological features or measures of the Platform and / or the Services;
  5. make false or malicious statements against the Services and / or the Platform or the Company;
  6. post, copy, submit, upload, distribute, or otherwise transmit or make available any software or other computer files that contains a virus or other harmful component, or otherwise impair or damage the Platform and / or Service or any connected network, or otherwise interfere with any person or entity’s use or enjoyment of the Platform and / or the Service;
  7. engage in any form of antisocial, disruptive, or destructive acts, including “flaming,” “spamming,” “flooding,” “trolling,” and “griefing” as those terms are commonly understood and used on the internet;
  8. post or upload any content that is infringing or misappropriating intellectual property rights of any third party;
  9. copy, republish or create derivative works based upon the Platform and / or the Services;
  10. decrypt, reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code in relation to the Services;
  11. build a similar or competitive website and / or platform and / or service, including the details of interface, techniques, processes, algorithms of the Service and / or Platform;
  12. post or upload any content that is libelous, defamatory, abusive, threatening, harassing, hateful, pornographic, pedophilic, invasive of another’s privacy, racially or ethnically objectionable, disparaging, offensive or otherwise violates any law or right of any third party; and
  13. delete or modify any content of the Platform and / or Service, including but not limited to, legal notices, disclaimers or proprietary notices such as copyright or trademark symbols, logos, that you do not own or have express permission to modify.
  14. Registration is only a one-time process and if you have previously registered, you will login into your account using the same credentials as provided by you during the registration process. When you use the Platform, you are responsible for maintaining the confidentiality of your account and password and for restricting access to your computer or mobile or other similar device to prevent unauthorized access to your account. We request you to safeguard your password and your account and make sure that only relevant stakeholders have access to it and no other person can access the same. It is your responsibility to keep your account information current and accurate. You are responsible for keeping your user credentials secure and confidential. You are responsible for any actions taken under your account whether these actions were undertaken by you or by others to whom you provide access (your “Users”). You are responsible for the compliance by your Users of your obligations under this Agreement.
  15. We will make reasonable efforts to make the Platform error-free. Your access to the Platform may be occasionally suspended or restricted to allow for repairs, maintenance, or for introduction of new facilities or services. However, we do not take responsibility for internet related issues or internet downtimes at your end.

Links to Third Party Websites

  1. The Platform includes links to other websites whose terms and privacy practices may differ from those of the Company. The inclusion of a link does not imply any endorsement by the Company of the third-party website, the website’s provider, or the information on the third-party website. If the users access or submit personal information to any of those websites, such access and information is governed by the terms of use and privacy policies of such third-party websites and the Company disclaims all responsibility or liability with respect to these terms, policies or the websites. The users are encouraged to carefully read the terms and privacy policy of any website that they visit.

Intellectual Property Rights

  1. The Company shall at all times, retain and have sole, absolute and exclusive right and title to, ownership of, and interest in any specifications, information, documentation or data that is provided / produced by the Company to / for the user for the purposes of rendering of Services under these Terms.
  2. The Company shall have all rights, title and interest, including absolute ownership of all intellectual property rights, in and to the Platform and the Services.

Indemnity

  1. You hereby indemnify, defend, and hold the Company, the Company’s agents, affiliates, representatives, authorized users, employees, and assigns harmless from and against any and all losses, damages, liabilities and costs arising from your use of the Platform and / or the Services or the violation of the terms of the Agreement by you.

Limitation of Liability

  1. You expressly understand that under no circumstances will the Company be liable to you or any other person or entity for any direct, indirect, incidental, special, remote or consequential damages, including, but not limited to damages for loss of profits, goodwill, use, data or other intangible losses, resulting from any circumstance.
  2. To the fullest extent permitted by law, in no event will Company or its affiliates be liable for any direct, indirect, special, incidental, punitive, exemplary or consequential damages, whether or not the Company has been warned of the possibility of such damages.

Subscription Fee

  1. The subscription fee payable to the Company may be displayed on the Platform by the Company, at its sole discretion.

Obligations of the Users

  1. User will provide / upload all the necessary information, documents and other materials reasonably required by the Platform to discharge its Services under these Terms.
  2. User shall: (i) notify the Company immediately of any unauthorized use of any password or [user / login] id or any other known or suspected breach of security, (ii) report to the Company immediately and use reasonable efforts to stop any unauthorized use of the Service that is known or suspected by the user.
  3. All records, documents and other materials furnished by you to the Company will be genuine, authentic and in compliance with the applicable laws, and the Company will act on such records, documents and materials in good faith. Under no circumstances will the Company be liable for any suits, claims, actions and demands by any person for any failure on its part owing to any deficiencies, infringement or errors in the records, documents and materials furnished by you.

Termination

  1. In the event you breach the Terms or in the event any other user reports violation of any of their right as a result of your use of the Platform and / or the Services or at the sole discretion of the Company, the Company reserves the right to suspend or terminate your access to the Platform with or without notice to you and to exercise any other remedy available under law. Any suspected illegal, fraudulent or abusive activity will be grounds for terminating your access to the Platform. [Upon suspension or termination, your right to avail the Service and access to the Platform will immediately cease and Company reserves the right to remove or delete your information that is available, including but not limited to login, account information and information uploaded by you.

Data Storage

  1. You agree that the Company may [process, use or store] data uploaded by you, including data in relation to your use of the Service, to assist with the provision of necessary operation and function of the Services and / or the Platform and to improve the Service and / or the Platform. This applies for third party integrations such as Monday.com and the user data maybe be retained for more than 10 days.
  2. In performing the Services, the Company will comply with the terms of use of the Website [https://artwork.bizongo.com/terms-of-use] and Privacy Policy, which is available at [https://artwork.bizongo.com/privacy-policy] and incorporated herein by reference. The terms of use of the Website and the Privacy Policy specifies the responsibilities of the Company in relation to maintaining the security of your data in connection with the Services.

Force Majeure

  1. The Company will not be responsible for any delay or failure to comply with our obligations under the Agreement if the delay or failure arises from any cause which is beyond our reasonable control, including but not limited to any equipment or software malfunction, power failure, fire electrical, internet, or telecommunication outage, government restrictions (including the denial or cancellation of any export or other license).

Applicable Law

  1. You agree that the interpretation of this Terms and the resolution of any disputes arising under these Terms will be governed by the laws of India.

Arbitration

  1. Any dispute, claim or controversy arising out of or relating to this notice or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of these Terms to arbitrate, or to your use of the Platform or the Services or information to which it gives access, will be determined by arbitration in India, before a sole arbitrator. Arbitration will be conducted in accordance with the Arbitration and Conciliation Act, 1996. The seat of such arbitration will be Mumbai. All proceedings of such arbitration, including, without limitation, any awards, will be in the English language. The award will be final and binding on the parties.

Severability

  1. If any provision of these Terms is held by a court of competent jurisdiction or arbitral tribunal to be unenforceable under applicable law, then such provision will be excluded from these Terms and the remainder of these Terms will be interpreted as if such provision were so excluded and will be enforceable in accordance with its terms; provided however that, in such event these Terms will be interpreted so as to give effect, to the greatest extent consistent with and permitted by applicable law, to the meaning and intention of the excluded provision as determined by such court of competent jurisdiction or arbitral tribunal.

Notices

  1. All notices and other communications required or permitted hereunder to be given to a party will be in writing, in the English language, and will be sent by facsimile, e-mail, or mailed by prepaid internationally-recognized courier, or otherwise delivered by hand or by messenger, addressed to such party’s address as set forth below or at such other address as the party would have furnished to the other party in writing in accordance with this provision: If to Company: SmartPaddle Technology Private Limited 701, 7th floor, E-Wing, Times Square, Marol Andheri - Kurla Road, Andheri East, Mumbai - 400059, Maharashtra, India If to you: at the email address provided by you to us when you register on this Platform.

Waiver

  1. No term of these Terms will be deemed waived and no breach excused, unless such waiver or consent will be in writing and signed by the Company. Any consent by Company to, or waiver of a breach by you, whether expressed or implied, will not constitute consent to, waiver of, or excuse for any other different or subsequent breach.

Electronic Record

  1. This document is an electronic record in terms of the Information Technology Act, 2000 (“IT Act”) and rules made thereunder as may be applicable, and the amended provisions pertaining to electronic records in various statutes as amended by the IT Act. This electronic record is generated by a computer system and does not require any physical or digital signatures. This document is published in accordance with the provisions of the IT Act and the rules made thereunder that require publishing the rules and regulations, Privacy Policy and Terms.

Complete Understanding

  1. These Terms contain the entire understanding of the parties, and there are no other written or oral understandings or promises between the parties with respect to the subject matter of these Terms other than those contained or referenced in these Terms.

You have read these Terms and Conditions and agree to all of the provisions contained above

Last Updated on
September 26, 2023

Report a vulnerability and feature in our Hall of Fame!

To be eligible for a feature, you must:

Be the first person to responsibly disclose the bug.

Please report any bugs that could potentially compromise the privacy of our users' data, bypass the system's protective measures, or grant unauthorized access to any system within our infrastructure.

Types of Recognition

Hall of Fame

‍Rules of Engagement

When reporting a vulnerability to us, please allow us a reasonable amount of time to investigate and address the issue. Additionally, we kindly request that you refrain from accessing sensitive information, performing actions that could harm other Artwork Flow users, or using automated tools to generate reports.

Please do not exploit any security vulnerabilities that you discover, including attempting to access sensitive company data or probing for additional issues that could cause harm.

We ask that you do not violate any laws or agreements while searching for vulnerabilities and that you do not publicly disclose any details of the vulnerability without first obtaining Artwork Flow's permission.

Program Terms

At Artwork Flow, we appreciate security researchers who help us keep our users safe by identifying vulnerabilities in our services. While recognition for such reports is entirely at our discretion and based on factors such as risk and impact, we do offer a Hall of Fame for those who meet the following requirements:

  • Adhere to our Responsible Disclosure Policy
  • Report a security bug that identifies a vulnerability in our services or infrastructure, which creates a security or privacy risk. Please note that we ultimately determine the risk of a vulnerability and that not all software bugs are security vulnerabilities.
  • The reported issue must relate to Artwork Flow’s platform (https://artworkflow.bizongo.com).
  • We specifically exclude certain types of potential security vulnerabilities; please refer to "Exclusions" for further details.
  • If you inadvertently cause a privacy violation or disruption while investigating a vulnerability, please disclose this in your report.

In evaluating reports under our responsible disclosure program,

  • We investigate and respond to all valid reports. However, due to the high volume of reports we receive, we prioritize evaluations based on risk and other factors, which may delay our response time.
  • We determine recognition in our Hall of Fame based on various factors, including the impact of the report, the ease of exploitation, and the quality of the report. Please note that extremely low-risk vulnerabilities may not qualify for recognition in our Hall of Fame.
  • In the event of duplicate reports, we recognize the first person to submit a vulnerability, and we may not share details of the other reports.

Please note that your use of Artwork Flow's services, including for the purposes of this program, is subject to our Terms and Policies. We may retain any communications regarding security vulnerabilities that you report for as long as we deem necessary for program purposes, and we may modify or cancel this program at any time.

How to Report a Vulnerability?

If you find a vulnerability on Artwork Flow’s platform, we kindly ask that you follow the steps outlined below:

  • Fill out the vulnerability report form with all the necessary details to replicate the vulnerability. This may include screenshots, videos, or simple instructions.
  • If possible, please provide your contact information (phone number) so that our security team can get in touch with you if additional information is needed to identify or resolve the issue.
  • If the vulnerability you've found can potentially extract information from our customers or systems or disrupt our system's normal operation, please do not exploit it. This is crucial for us to consider your disclosure as responsible.
  • While we appreciate the contributions of Whitehat hackers, we reserve the right to take legal action if the vulnerabilities you've discovered are exploited for illegal purposes, such as gaining access to restricted customer or system information or disrupting our systems.

Report a Vulnerability

Qualifying Vulnerabilities

The program generally considers any design or implementation problem that can be replicated and significantly impacts the security of Artwork Flow users. Some typical examples of such issues are:

  • Injections
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • Remote Code Execution (RCE)
  • Authentication/Authorisation flaws
  • Domain take-over vulnerabilities
  • Able to take over other Artwork Flow user accounts (while testing, create another test account to validate, kindly do not test with an active account)
  • Any vulnerability that can affect the Artwork Flow Brand, user data, and financial transactions

Exclusions

The following bugs are unlikely to be eligible:

  • Vulnerabilities found through automated testing.
  • "Scanner output" or scanner-generated reports.
  • Publicly released CVEs or 0-days in internet software within 90 days of their disclosure.
  • "Advisory" or "Informational" reports that do not include any Artwork Flow testing or context.
  • Vulnerabilities requiring MITM or physical access to the victim’s unlocked device.
  • Denial of Service attacks
    ○ SPF and DKIM issues
    ○ Content injection
    ○ Hyperlink injection in emails
    ○ IDN homograph attacks
    ○ RTL Ambiguity
  • Content Spoofing
  • Vulnerabilities relating to Password Policy.
  • Full-Path Disclosure on any property.
  • Version number information disclosure.
  • Third-party applications on the Bizongo Application directory (identified by the existence of a "Report this app" link on the app's page). Please report vulnerabilities with these services to the creator of that specific application.
  • Clickjacking on pre-authenticated pages, the non-existence of X-Frame-Options, or other non-exploitable clickjacking vulnerabilities.
  • CSRF-able actions that do not require authentication (or a session) to exploit Reports related to the following security-related headers
    ○ Strict Transport Security (HSTS)
    ○ XSS mitigation headers (X-Content-Type and X-XSS-Protection)
    ○ X-Content-Type-Options
    ○ Content Security Policy (CSP) settings (excluding nosniff in an exploitable scenario)
  • Bugs that do not represent any security risk
  • Security bugs in third-party applications or services built on the Artwork Flow API - please report them to the third party that built the application or service
  • Security bugs in software related to an acquisition for a period of 90 days following any public announcement
  • HTTP TRACE or OPTIONS methods enabled
  • Non-sensitive (i.e., non-session) cookies missing the Secure or HttpOnly flags
  • Tap jacking
  • Mobile client issues require a rooted device and/or outdated OS version or SSL pinning issues.
  • Subdomain takeovers without supporting evidence
  • Missing best practices in SSL/TLS configuration.
  • The Vulnerabilities that cannot be used to exploit other users or Artwork Flow -- e.g., self-XSS or having a user paste JavaScript into the browser console
  • Open ports without an accompanying proof-of-concept demonstrating vulnerability
  • Vulnerabilities in the whitehat report form

Acknowledgments

We currently do not offer a bounty or cash reward program for such disclosures, but we appreciate your contribution and express our gratitude in various ways. If you make a sincere and ethical disclosure, we would be delighted to publicly recognize your contribution in the designated section on our website. However, we understand that you may not want a public acknowledgment, and we will respect your preference accordingly.

Hall Of Fame

We would like to extend our gratitude to the individuals listed below for identifying and responsibly disclosing security vulnerabilities on Artwork Flow's platform. Their efforts and contribution towards the security of Artwork Flow and its users are highly appreciated.

Webinar Popup Cancel button